package Filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import DTO.Admin;
import DTO.Employee;

/**
 * 全局控制过滤器
 */
public class MyFilter implements Filter{

	public static final String login_page = "index.jsp";
	public static final String logout_page = "login.jsp";


	@Override
	public void destroy() {

	}


	//需要定义系统页面访问中可放行的连接
	private List<String> list = new ArrayList<String>();
	public void init(FilterConfig arg0) throws ServletException {
		list.add("/login.jsp");
		list.add("/e_login");
		list.add("/login1.jsp");
		list.add("/login4.jsp");
		list.add("/admin_rigiste.jsp");
		list.add("/vip_zhuce.jsp");
		list.add("/hello.jsp");
		list.add("/login");     //定义不被拦截的页面
	}

	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
						 FilterChain chain) throws IOException, ServletException {
		HttpServletRequest request = (HttpServletRequest) servletRequest;
		HttpServletResponse response = (HttpServletResponse) servletResponse;
		//1、获取页面中的访问的路径连接
		String path = request.getServletPath();
		if(list!=null && list.contains(path)){
			//如果页面中获取的访问连接于定义的可放行的连接一致，则放行
			chain.doFilter(request, response);
			return;
		}
		//2、从session(admin)对象中获取当前登录的用户
		Admin admin = (Admin) request.getSession().getAttribute("admin");
		if(admin!=null){
			//如果从session中获取的用户对象不为空，则放行
			chain.doFilter(request, response);
			return;
		}
		//获取employee用户session,放行规则
		Employee emp = (Employee) request.getSession().getAttribute("emp");
		if(emp!=null){
			//如果从session中获取的用户对象不为空，则放行
			chain.doFilter(request, response);
			return;
		}
		//如果不满足条件1和2or 3，则不能放行，回到系统的登录页面
		response.sendRedirect("login.jsp");
	}

}
